This project was to help ensure the VPN’s had enough bandwidth during company meetings. This was at the height of COVID when we were stretching our resources in our data center.
I first mapped out the topology changes and then followed up with the change request.
Proposed Cabling:
Palo Alto Proposed Changes:
- Create Aggregate Group
- Add Interfaces e1/19 and 1/20
- Ensure changes have synced with passive device, IDC001-PA02.
Core Switch Proposed Changes:
- Create Port Channels 213 and 214.
interface Port-channel213
description PortChannel to <FirewallA>
no switchport
no ip address
no platform qos channel-consistency
switch virtual link 1
end
interface Port-channel214
description PortChannel to <FirewallB>
no switchport
no ip address
no platform qos channel-consistency
switch virtual link 2
End
- Apply interfaces to port channels 213.
interface GigabitEthernet1/2/36
description PortChannel to <FirewallA>
no switchport
no ip address
no cdp enable
channel-group 213 mode on
end
interface GigabitEthernet1/2/37
description PortChannel to <FirewallA>
no switchport
no ip address
no cdp enable
channel-group 213 mode on
End
- Apply interfaces to port channel 214
interface GigabitEthernet2/2/36
description PortChannel to <FirewallB>
no switchport
no ip address
no cdp enable
channel-group 214 mode on
end
interface GigabitEthernet2/2/37
description PortChannel to <FirewallB>
no switchport
no ip address
no cdp enable
channel-group 214 mode on
End
- Verify changes by monitoring traffic for the aggregate and ensuring ports are ‘up/up’ from PA001 and PA002.
